311

Author: lucasmcdonald3

buildspec.yml

@@ -150,22 +150,22 @@ batch:
     #   env:
     #     image: aws/codebuild/standard:5.0
 
-    # - identifier: py311_integ
-    #   buildspec: codebuild/py311/integ.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_integ_mpl
-    #   buildspec: codebuild/py311/integ_mpl.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_examples
-    #   buildspec: codebuild/py311/examples.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_examples_mpl
-    #   buildspec: codebuild/py311/examples_mpl.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
+    - identifier: py311_integ
+      buildspec: codebuild/py311/integ.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_integ_mpl
+      buildspec: codebuild/py311/integ_mpl.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_examples
+      buildspec: codebuild/py311/examples.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_examples_mpl
+      buildspec: codebuild/py311/examples_mpl.yml
+      env:
+        image: aws/codebuild/standard:7.0
     # - identifier: py311_awses_latest
     #   buildspec: codebuild/py311/awses_local.yml
     #   env:
@@ -175,69 +175,69 @@ batch:
     #   env:
     #     image: aws/codebuild/standard:7.0
     # - identifier: py311_mplawses_latest_mpl
-    #   buildspec: codebuild/py311/mplawses_local_mpl.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_decrypt_dafny_esdk_vectors_masterkey
-    #   buildspec: codebuild/py311/decrypt_dafny_esdk_vectors_masterkey.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_decrypt_dafny_esdk_vectors_keyrings
-    #   buildspec: codebuild/py311/decrypt_dafny_esdk_vectors_keyrings.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_decrypt_net_401_vectors_masterkey
-    #   buildspec: codebuild/py311/decrypt_net_401_vectors_masterkey.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_decrypt_net_401_vectors_keyrings
-    #   buildspec: codebuild/py311/decrypt_net_401_vectors_keyrings.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_generate_decrypt_vectors_masterkey
-    #   buildspec: codebuild/py311/generate_decrypt_vectors_masterkey.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_decrypt_masterkey_with_masterkey
-    #   depend-on: 
-    #    - py311_generate_decrypt_vectors_masterkey
-    #   buildspec: codebuild/py311/decrypt_masterkey_with_masterkey.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_decrypt_masterkey_with_keyrings
-    #   depend-on: 
-    #    - py311_generate_decrypt_vectors_masterkey
-    #   buildspec: codebuild/py311/decrypt_masterkey_with_keyrings.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_decrypt_masterkey_with_js
-    #   depend-on: 
-    #    - py311_generate_decrypt_vectors_masterkey
-    #   buildspec: codebuild/py311/decrypt_masterkey_with_js.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_generate_decrypt_vectors_keyrings
-    #   buildspec: codebuild/py311/generate_decrypt_vectors_keyrings.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_decrypt_keyrings_with_masterkey
-    #   depend-on: 
-    #    - py311_generate_decrypt_vectors_keyrings
-    #   buildspec: codebuild/py311/decrypt_keyrings_with_masterkey.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_decrypt_keyrings_with_keyrings
-    #   depend-on: 
-    #    - py311_generate_decrypt_vectors_keyrings
-    #   buildspec: codebuild/py311/decrypt_keyrings_with_keyrings.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
-    # - identifier: py311_decrypt_keyrings_with_js
-    #   depend-on: 
-    #    - py311_generate_decrypt_vectors_keyrings
-    #   buildspec: codebuild/py311/decrypt_keyrings_with_js.yml
-    #   env:
-    #     image: aws/codebuild/standard:7.0
+      # buildspec: codebuild/py311/mplawses_local_mpl.yml
+      # env:
+      #   image: aws/codebuild/standard:7.0
+    - identifier: py311_decrypt_dafny_esdk_vectors_masterkey
+      buildspec: codebuild/py311/decrypt_dafny_esdk_vectors_masterkey.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_decrypt_dafny_esdk_vectors_keyrings
+      buildspec: codebuild/py311/decrypt_dafny_esdk_vectors_keyrings.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_decrypt_net_401_vectors_masterkey
+      buildspec: codebuild/py311/decrypt_net_401_vectors_masterkey.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_decrypt_net_401_vectors_keyrings
+      buildspec: codebuild/py311/decrypt_net_401_vectors_keyrings.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_generate_decrypt_vectors_masterkey
+      buildspec: codebuild/py311/generate_decrypt_vectors_masterkey.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_decrypt_masterkey_with_masterkey
+      depend-on: 
+       - py311_generate_decrypt_vectors_masterkey
+      buildspec: codebuild/py311/decrypt_masterkey_with_masterkey.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_decrypt_masterkey_with_keyrings
+      depend-on: 
+       - py311_generate_decrypt_vectors_masterkey
+      buildspec: codebuild/py311/decrypt_masterkey_with_keyrings.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_decrypt_masterkey_with_js
+      depend-on: 
+       - py311_generate_decrypt_vectors_masterkey
+      buildspec: codebuild/py311/decrypt_masterkey_with_js.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_generate_decrypt_vectors_keyrings
+      buildspec: codebuild/py311/generate_decrypt_vectors_keyrings.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_decrypt_keyrings_with_masterkey
+      depend-on: 
+       - py311_generate_decrypt_vectors_keyrings
+      buildspec: codebuild/py311/decrypt_keyrings_with_masterkey.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_decrypt_keyrings_with_keyrings
+      depend-on: 
+       - py311_generate_decrypt_vectors_keyrings
+      buildspec: codebuild/py311/decrypt_keyrings_with_keyrings.yml
+      env:
+        image: aws/codebuild/standard:7.0
+    - identifier: py311_decrypt_keyrings_with_js
+      depend-on: 
+       - py311_generate_decrypt_vectors_keyrings
+      buildspec: codebuild/py311/decrypt_keyrings_with_js.yml
+      env:
+        image: aws/codebuild/standard:7.0
 
     # - identifier: py312_integ
     #   buildspec: codebuild/py312/integ.yml

codebuild/py311/decrypt_keyrings_with_js.yml

@@ -0,0 +1,34 @@
+version: 0.2
+
+env:
+  variables:
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b35311ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_1: >-
+      arn:aws:kms:us-west-2:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_2: >-
+      arn:aws:kms:us-east-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+
+phases:
+  install:
+    runtime-versions:
+      python: 3.11
+    commands:
+      - n 16
+      # Install the Javascript ESDK run test vectors
+      - npm install -g @aws-crypto/integration-node
+
+  pre_build:
+    commands:
+      # Download previously generated vectors
+      - aws s3 cp s3://generated-vectors-artifacts-bucket/$CODEBUILD_RESOLVED_SOURCE_VERSION/311_keyrings.zip 311_keyrings.zip
+      # Repackage zip in expected format
+      - unzip 311_keyrings.zip
+      - cd 311_keyrings
+      - zip -r vectors.zip .
+  build:
+    commands:
+      # Decrypt generated vectors with Javascript ESDK
+      - integration-node decrypt -v vectors.zip

codebuild/py311/decrypt_keyrings_with_keyrings.yml

@@ -0,0 +1,31 @@
+version: 0.2
+
+env:
+  variables:
+    TOXENV: "py311-full_decrypt"
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b35311ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_1: >-
+      arn:aws:kms:us-west-2:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_2: >-
+      arn:aws:kms:us-east-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+
+phases:
+  install:
+    runtime-versions:
+      python: 3.11
+  pre_build:
+    commands:
+      # Download previously generated vectors
+      - aws s3 cp s3://generated-vectors-artifacts-bucket/$CODEBUILD_RESOLVED_SOURCE_VERSION/311_keyrings.zip 311_keyrings.zip
+      - unzip 311_keyrings.zip
+  build:
+    commands:
+      - pip install "tox < 4.0"
+      - cd test_vector_handlers
+      - |
+        tox -- \
+          --input ../311_keyrings/manifest.json \
+          --keyrings

codebuild/py311/decrypt_keyrings_with_masterkey.yml

@@ -0,0 +1,30 @@
+version: 0.2
+
+env:
+  variables:
+    TOXENV: "py311-full_decrypt"
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b35311ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_1: >-
+      arn:aws:kms:us-west-2:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_2: >-
+      arn:aws:kms:us-east-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+
+phases:
+  install:
+    runtime-versions:
+      python: 3.11
+  pre_build:
+    commands:
+      # Download previously generated vectors
+      - aws s3 cp s3://generated-vectors-artifacts-bucket/$CODEBUILD_RESOLVED_SOURCE_VERSION/311_keyrings.zip 311_keyrings.zip
+      - unzip 311_keyrings.zip
+  build:
+    commands:
+      - pip install "tox < 4.0"
+      - cd test_vector_handlers
+      - |
+        tox -- \
+          --input ../311_keyrings/manifest.json

codebuild/py311/decrypt_masterkey_with_js.yml

@@ -0,0 +1,34 @@
+version: 0.2
+
+env:
+  variables:
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b35311ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_1: >-
+      arn:aws:kms:us-west-2:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_2: >-
+      arn:aws:kms:us-east-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+
+phases:
+  install:
+    runtime-versions:
+      python: 3.11
+    commands:
+      - n 16
+      # Install the Javascript ESDK run test vectors
+      - npm install -g @aws-crypto/integration-node
+
+  pre_build:
+    commands:
+      # Download previously generated vectors
+      - aws s3 cp s3://generated-vectors-artifacts-bucket/$CODEBUILD_RESOLVED_SOURCE_VERSION/311_masterkey.zip 311_masterkey.zip
+      # Repackage zip in expected format
+      - unzip 311_masterkey.zip
+      - cd 311_masterkey
+      - zip -r vectors.zip .
+  build:
+    commands:
+      # Decrypt generated vectors with Javascript ESDK
+      - integration-node decrypt -v vectors.zip

codebuild/py311/decrypt_masterkey_with_keyrings.yml

@@ -0,0 +1,31 @@
+version: 0.2
+
+env:
+  variables:
+    TOXENV: "py311-full_decrypt"
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b35311ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_1: >-
+      arn:aws:kms:us-west-2:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_2: >-
+      arn:aws:kms:us-east-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+
+phases:
+  install:
+    runtime-versions:
+      python: 3.11
+  pre_build:
+    commands:
+      # Download previously generated vectors
+      - aws s3 cp s3://generated-vectors-artifacts-bucket/$CODEBUILD_RESOLVED_SOURCE_VERSION/311_masterkey.zip 311_masterkey.zip
+      - unzip 311_masterkey.zip
+  build:
+    commands:
+      - pip install "tox < 4.0"
+      - cd test_vector_handlers
+      - |
+        tox -- \
+          --input ../311_masterkey/manifest.json \
+          --keyrings

codebuild/py311/decrypt_masterkey_with_masterkey.yml

@@ -0,0 +1,30 @@
+version: 0.2
+
+env:
+  variables:
+    TOXENV: "py311-full_decrypt"
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b35311ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_1: >-
+      arn:aws:kms:us-west-2:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_2: >-
+      arn:aws:kms:us-east-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
+
+phases:
+  install:
+    runtime-versions:
+      python: 3.11
+  pre_build:
+    commands:
+      # Download previously generated vectors
+      - aws s3 cp s3://generated-vectors-artifacts-bucket/$CODEBUILD_RESOLVED_SOURCE_VERSION/311_masterkey.zip 311_masterkey.zip
+      - unzip 311_masterkey.zip
+  build:
+    commands:
+      - pip install "tox < 4.0"
+      - cd test_vector_handlers
+      - |
+        tox -- \
+          --input ../311_masterkey/manifest.json

codebuild/py311/decrypt_net_401_vectors_keyrings.yml

@@ -12,23 +12,13 @@ env:
       arn:aws:kms:us-west-2:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
     AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_MRK_KEY_ID_2: >-
       arn:aws:kms:us-east-1:658956600833:key/mrk-80bd8ecdcd4342aebd84b7dc9da498a7
-    AWS_ENCRYPTION_SDK_PYTHON_DECRYPT_ORACLE_API_DEPLOYMENT_ID: "xi1mwx3ttb"
-    AWS_ENCRYPTION_SDK_PYTHON_DECRYPT_ORACLE_REGION: "us-west-2"
 
 phases:
   install:
     runtime-versions:
       python: 3.11
   pre_build:
     commands:
-      # Assume Role to access non-prod resource
-      - TMP_ROLE=$(aws sts assume-role --role-arn "arn:aws:iam::370957321024:role/GitHub-CI-Public-ESDK-Python-Role-us-west-2" --role-session-name "CB-TestVectorResources")
-      - export TMP_ROLE
-      - export AWS_ACCESS_KEY_ID=$(echo "${TMP_ROLE}" | jq -r '.Credentials.AccessKeyId')
-      - export AWS_SECRET_ACCESS_KEY=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SecretAccessKey')
-      - export AWS_SESSION_TOKEN=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SessionToken')
-      - aws sts get-caller-identity
-
       # Fetch ESDK .NET v4.0.1 Test Vectors
       - VECTOR_ZIP=$CODEBUILD_SRC_DIR/v4-Net-4.0.1.zip
       - VECTORS_URL=https://github.com/aws/aws-encryption-sdk-dafny/raw/mainline/AwsEncryptionSDK/runtimes/net/TestVectorsNative/TestVectors/resources/v4-Net-4.0.1.zip